You May Love Apple, But Can You Trust It?

The words that people use to describe new Apple devices tend to evolve, as they do in any relationship. First come pronouncements about the device’s beauty—the curves, the elegance, the way it feels when you hold it. Only later does the focus turn to the substance of the device—its responsiveness, its communication skills, and, especially, its trustworthiness. It may be beautiful to have and to hold, but do you really want to make it the most important gadget in your life?

But, for the iPhone 6, the iPhone 6 Plus, and the Apple Watch, which Apple revealed in Cupertino last week, the difficult questions started coming right from the start. On the one hand, preorders for the iPhones have reached a record, and reviewers have gushed about the phones and the watch. (At the Verge, Chris Plante composed an erotic poem out of lines from iPhone 6 reviews.) But people have also been unusually quick to raise legitimate questions about the privacy implications of Apple’s plans, which include monitoring fitness information through the smartwatch, turning the devices into portable payment machines for use at brick-and-mortar checkout lines, and introducing a HealthKit service, which allows outside developers to access and share people’s health-care information, with their permission. “No one has considered Apple a serious data company, until now,” Brian X. Chen and Steve Lohr wrote in the Times, referencing the payment and fitness features. They added, “Talk about unfortunate timing.”

The week before Apple’s announcement, Jennifer Lawrence and other celebrities learned that hackers had broken into their Apple accounts, stolen nude photos, and then posted them online. Apple described the intrusion as decidedly low-tech. Rather than using sophisticated engineering to break into Apple’s system, the intruders appear to have guessed at user names, passwords, and security questions. This practice, Apple declared in a press release, “has become all too common on the Internet.” For some observers, this only provoked more questions. Wasn’t it even more worrisome that people could unlock Apple customers’ most private information with such a simple trick? (Cook later said that celebrities may have been the victims of “phishing” attacks, in which they were tricked into providing their account information.)*

Apple’s foray into fitness-monitoring and payment features has raised further concerns. What kind of information might fitness applications—some run by third parties outside of Apple’s control—learn, and share, about Apple Watch wearers? Apple has touted the encryption features it’ll use to obscure credit-card information, but if people take photographs of their credit cards to add them as payment options—a feature of the new service—how will those images be secured? PayPal, whose own payment service will be challenged by Apple’s, even published an ad that seemed to take aim at Apple’s iCloud troubles: “We the people want our money safer than our selfies,” it read.

On Wednesday night came Apple’s attempt to ease at least some of these concerns. A letter appeared on Apple’s Web site from its C.E.O., Tim Cook, reassuring customers about Apple’s approach to their private information. “At Apple, your trust means everything to us,” Cook wrote. He didn’t mention Lawrence, but, according to the security experts with whom I talked, that episode, along with the new products, likely factored into Apple’s timing. The company’s new mobile operating system, iOS 8, gives people the option of using two-step verification—a heightened log-in process—to access iCloud, the storage service from which Lawrence and other celebrities’ photos were taken.

Cook also argued, provocatively, that because Apple’s business is based on selling devices to people rather than selling personal information to advertisers, like some of its competitors do, it is easier for the company to adhere to certain privacy standards. “Our business model is very straightforward: We sell great products,” he wrote. “We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t ‘monetize’ the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you. Our software and services are designed to make our devices better.”

It’s true that, among Silicon Valley companies that sell devices, Apple is in an unusual position. Google, whose Android operating system is the main rival to iPhones, makes most of its revenue from selling advertising, and it does scan your e-mail to sell relevant ads. Amazon, which unveiled the Fire Phone smartphone in June, gets its revenue largely through e-commerce. That influences the design of their products. (One of the features Amazon proudly displayed when it launched its Fire Phone was a tool that let people order from Amazon by taking pictures of items.) “From the privacy perspective, advertising-based business models are the ones that cause the greatest concern — digging into user activity to try to find some commercial value to be sold to someone else,” Marc Rotenberg, the president of the Electronic Privacy Information Center, a research center, told me. “Tim Cook is trying to put a little bit of distance between himself and their main competitor, which is Google.”

While Cook is right to point out that Apple just wants to sell phones, those phones have become so central to our lives that we store a lot of information on them as well as the online services they access. Whether Apple wants your information or not, it’s getting it. The importance of keeping information private will only grow, as will the difficulty, for Apple, of doing so. Rotenberg told me that Apple’s privacy efforts seem serious. In particular, the new payment system, called Apple Pay, won’t save users’ credit-card information on the phone itself, nor will it record details about people’s purchases. Google’s service, Google Wallet, also doesn’t store credit-card details, but it does record information such as the merchant, and the amount, the date, and the time of the payment. (A Google spokesman said that the company doesn’t use this information for advertising.) Apple Pay also has a nifty, built-in security feature: to buy things using an iPhone 6 or iPhone 6 Plus, a user has to press the home button, which has a built-in fingerprint scanner. Still, Rotenberg remains concerned about some other aspects of Apple’s forays into its customers’ personal lives. With HealthKit, for example, third-party app developers can gain access to, and share, all kinds of sensitive information about people’s health. While Apple publishes some guidelines dictating how the developers can, and can’t, use that data, it’s unclear how enforceable those rules will be. It's also unclear how Apple plans to address issues surrounding the security of credit-card photos.

Judging from the lines at its stores, Apple’s reputation seems, for the time being, resilient enough. Apple and its customers will have to work out their issues—or the customers, as they’ve done in the past, will have to settle for the relationship they’ve got.

*Update, 8:30 P.M.: This post has been revised to include Apple’s later proposed explanation for how hackers broke into celebrities’ accounts.